SonicWall
Newsroom SonicWall Threat Intelligence Confirms Alarming Surge in Ransomware, Malicious Cyberattacks as Threats Double in 2021

SonicWall Threat Intelligence Confirms Alarming Surge in Ransomware, Malicious Cyberattacks as Threats Double in 2021

  • Over 623 million ransomware attacks globally, an astounding 105% increase
  • Ransomware volume increased 232% since 2019
  • U.S., U.K. ransomware climbed staggering 98% and 227%, respectively
  • Log4j vulnerability exploits eclipsed 142 million in six weeks
  • 65% increase in ‘never-before-seen’ malware variants identified
  • Encrypted threats increased 167% year-over-year
  • Record 97.1 million cryptojacking attacks found

MILPITAS, Calif. — February 17, 2022 — SonicWall, the publisher of the world’s most quoted ransomware threat intelligence, today released the 2022 SonicWall Cyber Threat Report. The bi-annual report details a sustained meteoric rise in ransomware with 623.3 million attacks globally. Nearly all monitored threats, cyberattacks and malicious digital assaults rose in 2021 including: ransomware, encrypted threats, IoT malware and cryptojacking.

“Cyberattacks become more attractive and potentially more disastrous as dependence on information technology increases,” said SonicWall President and CEO Bill Conner. “Securing information in a boundless world is a near impossible and thankless job, especially as the boundaries of organizations are ever-expanding to limitless endpoints and networks.”

Ransomware’s Savage Reign Continues as Attacks Increase 105%
SonicWall Capture Labs threat researchers diligently tracked the dramatic rise in ransomware, recording an astounding 318.6 million more ransomware attacks than 2020, a 105% increase. Ransomware volume has risen 232% since 2019.

High-profile ransomware attacks impacted businesses, state and federal governments, schools, hospitals and even individuals. Attacks hit supply chains, causing widespread system downtime, economic loss and reputational damage. Following global trends, all industries faced large increases of ransomware volume, including government (+1,885%), healthcare (755%), education (152%) and retail (21%).

As Cyberattack Vectors Expand, Malicious Assaults Climb
The frequency and variety of cyberattacks continue to expand every year, with an increasing cost to organizations worldwide. SMBs and enterprises are progressively threatened by an assortment of cyberattacks, and without knowing what they are, or how cybercriminals operate, protecting business-critical data from cyberattacks becomes unmanageable.

“Attacks on networks rose to a fever pitch in 2021,” said SonicWall Vice President of Platform Architecture Dmitriy Ayrapetov. “Ransomware, cryptojacking, vulnerably exploitation, phishing and other attacks continue to plague organizations around the world and overwhelm security teams. It’s important to understand the breakdown of these attacks and why they continue to be successful, as well as the drivers and trends behind them.”

Insight on additional cyber threats include:

  • Apache Log4j vulnerabilities were quickly exploited, with threat actors logging 142.2 million exploit attempts between Dec. 11 and Jan. 31 — an average of 2.7 million each day. Within three days of the public disclosure, exploit attempts had already passed the 1 million mark.
  • Malware volume was slightly down again in 2021, marking both a third-straight year of decrease as well as a seven-year low. However, an uptick in attacks during the second half of 2021 almost completely erased the 22% drop in malware that SonicWall had recorded at the mid-year point, bringing the total decrease for 2021 to just 4% — suggesting malware numbers may rebound in 2022.
  • Encrypted threats increased 167% year-over-year. In August, the number of encrypted attacks broke the 1 million mark for the first time, then continued to rise, reaching nearly 2.5 million by year’s end.
  • Cryptojacking continued to surge last year, rising 19% globally to 97.1 million, which is the most attacks that SonicWall Capture Labs threat researchers have ever recorded in a single year.
  • IoT malware volume rose 6% in 2021, totaling 60.1 million hits by year’s end. While this isn’t good news, it’s at least better than it has been: In 2019 and 2020, IoT malware volume rose 218% and 66%, respectively. With no corresponding slowdown in the proliferation of connected devices, this suggests that attack volumes may be leveling off.

Smarter Than Ever, RTDMI Discovered 65% More ‘Never-before-seen’ Malware Variants
SonicWall’s patented Real-Time Deep Memory InspectionTM (RTDMI) technology identified a total of 442,151 never-before-seen malware variants in 2021, a 65% year-over-year increase and an average of 1,211 per day. In Q4, RTDMI found more never-before-seen malware variants than in any quarter since its introduction in 2018.

SonicWall Advanced Threat Protection (ATP) with RTDMI recently earned its fourth consecutive ‘perfect score’ in the ICSA Labs ATD testing for Q4 2021. ICSA Labs is an independent third party that tested SonicWall’s solutions using never-before-seen malware samples, and over the course of the entire year (2021) SonicWall technology did not miss a single malware sample nor produced one false positive.

To learn more about SonicWall and get the complete 2022 SonicWall Cyber Threat Report, please visit sonicwall.com/ThreatReport.

About SonicWall Capture Labs
SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

About SonicWall
SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Latest Stories

" alt="" />
July 17, 2024

SonicWall Unveils Zero Trust Network Access (ZTNA) Tailored for MSPs, Launches Cloud Secure Edge (CSE) Suited for Any Stage of Cloud Migration

SonicWall Combines Acquired Industry-Leading Security Service Edge (SSE) Solutions with SonicWall’s SME Network Security Experience to Create a Cloud-Delivered ZTNA Solution for MSPs MILPITAS, Calif. — July 18, 2024 — SonicWall announced today the launch of Cloud Secure Edge (CSE), offering an innovative suite of Zero Trust Access offerings designed specifically for MSPs who are meeting customers with increasingly remote work forces on their cloud migration journeys. With flexible, cost-effective solutions for remote access and internet access, CSE empowers organizations to securely connect employees and third-party users to resources from any device and location with unparalleled simplicity and security. Born from years of delivering innovative Security Service Edge (SSE) solutions for mid-enterprise customers, CSE is a unified, cloud-delivered multi-tenant platform for MSPs of all sizes. Customers will be able to choose from a range of Secure Internet Access (SIA) and Secure Private Access (SPA) solutions that replace legacy VPNs with cloud-native solutions that deliver network security at all price points. For organizations that want to combine zero trust with firewall protection, SonicWall is embedding a Private Connector in SonicWall Next-Gen Firewalls (NGFW) to strengthen existing multi-layer security with a zero trust architecture, providing unprecedented ease of deployment while leveraging existing infrastructure. "In today's dynamic threat landscape, where remote work and cloud adoption are accelerating, organizations need a flexible security solution that can seamlessly protect users and data across any network environment,” said SonicWall Executive Vice President of Product Strategy Tarun Desikan. “Banyan was an early innovator and market leader in delivering SSE to enterprises of all sizes. CSE takes that experience and adds SonicWall’s network security knowledge to launch highly flexible and cost-effective solutions - ensuring that any organization can maintain high-performance connectivity while safeguarding against evolving cyber threats. These innovative offerings, designed in consultation with SonicWall MSPs, not only simplify deployment and management but also enhance overall security posture, making them essential and accessible tools for evolving IT environments." While established vendors offer complex SSE solutions geared toward large enterprises, CSE fills the gap experienced by SMEs by providing a straightforward, scalable ZTNA solution ideal for MSPs and their mid-market and SMB customers. CSE adds to our existing remote access solutions enabling SonicWall to help any business no matter what phase they’re at in their transition to the cloud. "When we acquired Banyan in January, we said we would empower partners by delivering a security architecture for any stage of their customers’ evolving cloud journey,” said SonicWall CEO and President Bob VanKirk. “Cloud Secure Edge is the first step of that delivery, with additional MSP-friendly components of the SSE stack to follow. We are redefining SSE for the SME market by combining simplicity and management with robust security, empowering organizations to embrace zero trust principles effortlessly. Our goal is to provide our partners and their customers with confidence that their data and resources are protected, regardless of where their workforce operates." From VPN as a Service (VPNaaS) to ZTNA to SSE, CSE leverages existing network security infrastructure with a cloud-delivered solution that simplifies deployment and management while offering robust security capabilities suitable for organizations of all sizes. Because traditional appliance-based solutions are no longer sufficient in today’s evolving landscape of cloud applications, remote work, and mobile devices, SonicWall has designed a set of offerings that integrate with SonicWall network security solutions to emphasize ease of deployment and management and flexibility to address any cloud migration use case. "We see firsthand the challenges organizations face in securing their increasingly dispersed workforce,” said SonicWall partner and CEO of Black Mountain Rama Polefka. “Cloud Secure Edge addresses these challenges head-on by providing a comprehensive set of solutions that are not only easy to deploy and manage but also deliver robust security capabilities. Whether it’s replacing tradition VPNs, delivering a cost-effective endpoint-based DNS offering or delivering a full ZTNA architecture, this solution allows us to offer our customers who are implementing a hybrid cloud migration a scalable and efficient way to protect their critical assets while ensuring seamless connectivity for their remote workforce." Additional key benefits for MSPs include: Firewall Connector: SonicWall customers can leverage CSE Connector integration within their Next-Generation firewalls (Gen7) starting with SonicOS 7.1.2, enabling ZTNA to their private apps hosted behind the firewall. Seamless Integration: The addition of Cloud Secure Edge is designed to integrate seamlessly with MySonicWall. This ensures a smooth transition for MSPs, allowing them to leverage new capabilities without disrupting their current operations. Simplified Remote Access:CSE Connector integration in SonicOS 7.1.2 allows employees to securely access authorized applications from anywhere, on any single device, without having to deal with repetitive and complex VPN and Access Policy configurations. Monthly Billing: The integration features the addition of CSE to the Service Provider Program to offer no-commitment, in arrears billing which aligns with how MSPs charge their customers – with flexible and cost-effective license tiers. Regional Compliance: The integration features a new CSE data center hosted in Frankfurt, Germany to ease adoption and data residency compliance with frameworks like GDPR. Multi-tenant Management for MSPs: Added multi-tenancy management, designed with MSPs and MSSPs in mind For more information on SonicWall’s Cloud Security Edge please visit https://www.sonicwall.com/products/cloud-secure-edge/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
July 2, 2024

SonicWall Launches EMEA Managed Security Services Backed by a 24×7 European Security Operations Center (SOC)

SonicWall delivers on its promises of more fortification and flexibility for EMEA partners with key Managed Security Services additions – all ahead of strict new EU tech regulations MILPITAS, Calif. — July 3, 2024 — SonicWall announced today that it has rolled out its new Managed Security Services suite for European Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and other partners, all backed by a new locally-based 24x7x365 Security Operations Center (SOC) providing local understanding of regional cyber threats, regulations, and business environments, enhancing threat detection and response capabilities. The announcement reinforces SonicWall’s commitment to its valued partners and extends its portfolio to include EMEA-based Managed Detection and Response (MDR), Security Operations Center services (SOCaaS), and other managed security services that are delivered in partnership with MSPs and MSSPs. “Within the past year, SonicWall made a commitment to its global partners that it would take an endpoint agnostic and flexible tailored to their unique journeys – we delivered that in February,” said SonicWall CEO and President Bob VanKirk. “Building on this commitment, we’re now introducing managed security services, an EMEA-based SOC, and a suite of additional tools and resources essential for our partners’ success. Our establishment of an EMEA-based SOC with European data residency further strengthens our promise to empower partners with local expertise and rapid response capabilities, crucial for effective client protection amidst Europe's ever-evolving cybersecurity landscape. Additionally, we've upheld our pledge to partners by recently launching MDR for Capture Client, Sentinel One, and Microsoft Defender. SonicWall’s European-based SOC is now available, ensuring European partners can offer their customers enterprise-grade SOC monitoring while remaining compliant with European regulations. In many cases, MSPs and other organizations don’t have an in-house SOC team monitoring alerts and managing the performance of security solutions around the clock, meaning there can be delays in taking defensive action at critical times. Alert fatigue can also be a problem as it can be difficult to identify true problems in the noise of false positives. Adding a SOC provides 24x7x365 monitoring, so that alerts are prioritized, and no alert is missed, no matter when it comes in. Sustained EMEA Momentum This announcement comes a week after the conclusion of SonicWall’s EMEA Partner Conference Elevate 2024, held in Lisbon, Portugal. Partners from across Europe joined SonicWall’s leadership for a hands-on understanding of SonicWall’s new Managed Security Services solutions, and for a better understanding on how to grow and diversify their business in an increasingly dynamic threat and business environment. “We listened to our community and delivered solutions that will dramatically impact their businesses, and the feedback we received at Elevate 2024 was overwhelmingly positive,” said SonicWall Chief Strategy Officer Matt Neiderman. “Our commitment to empowering our partners with a platform of modern solutions designed to help them grow their business is evident in both EMEA and around the globe, and we will continue to enhance the solutions and tools they need to sustain this current momentum.” EU’s Strict Regulations The addition of these Managed Security Service solutions comes just ahead of the European Union’s strict new DORA regulations which, from January 17, 2025, will place additional compliance burdens on cybersecurity providers and their customers. Compliance with DORA will involve a rethink of current risk management frameworks and operational resilience assessments including penetration testing, incident response and third-party risks. “The EU is leading the way globally on cyber-resilience to protect its economic interests with DORA,” said SonicWall Vice President of EMEA Spencer Starkey. “SonicWall’s new SOC is physical proof we’re onboard ahead of this important new regulatory reality. We know attackers work internationally and not just nine to five, now our partners can offer ultra-fast, local response capabilities with EU data residency starting today.” The new enterprise-grade SOC is an addition to SonicWall’s existing Managed Extended Detection and Response (MXDR) capabilities announced earlier this year to deliver powerful cybersecurity monitoring and response across the entire attack surface, including firewalls, endpoint protection, antivirus and cloud threat detection for MSPs and MSSPs. “Having a European-based SOC is pivotal for ensuring compliance with stringent regulations like GDPR and DORA,” said long-time SonicWall Partner and CTO at Data-Sec GmbH Moritz Freiherr von Schwerin. “It not only strengthens our ability to protect sensitive data and uphold privacy standards but also enables us to provide localized, agile responses to emerging cybersecurity threats specific to our region. This localization is crucial for maintaining trust and delivering effective security solutions that meet the unique needs of our clients across Europe. SonicWall has enhanced its offerings, both organically and through acquisitions, and they’re focused on supporting us better than ever before.” For more information on SonicWall’s Managed Security Services please visit: https://www.sonicwall.com/products/managed-security-services/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
June 11, 2024

SonicWall Builds off its Partner Strength to Drive New Heights at Elevate 2024

Partners will get exclusive previews of the recently announced SonicPlatform and SonicWall’s newly enhanced solution roadmap from its recent acquisitions MILPITAS, Calif. — June 11, 2024 — SonicWall announced today the return of SonicWall Elevate, its premier partner event where it will detail its recent acquisitions and preview its solution roadmap which is helping organization create defensive measures from cloud to endpoint. This is yet another delivery for SonicWall’s valued partner and customer community – which has generated incredible momentum over the last several quarters. “SonicWall has been actively listening to its partner channel for the last 18 months and Elevate 2024 is another testament to our commitment to provide partners what they need to succeed in 2024 and beyond,” said SonicWall CEO Bob VanKirk. “Our partners are a force multiplier, one of our key differentiators, and we will be sharing an updated roadmap that has been specifically shaped by our partners’ voices. We have added managed security services, cloud-native security and more – all to put our partners in position to take their businesses to new heights.” SonicWall Elevate will involve sharing  key updates on its network security products, threat intelligence, as well as its newly acquired additions which include security service edge (SSE), zero trust network access (ZTNA) and additional managed security services for threat detection and response. With the platform, users get a unified backend for threat visibility and simplified workflows, uniquely positioning SonicWall well with an end-to-end solution. Elevate 2024 is designed to give partners all the tools they need to succeed in the coming year and beyond, including: Exclusive demos of SonicWall’s latest technology, including the new SonicPlatform Information on how to leverage recent acquisitions and how partners can grow and diversify their business to increase revenue Enhance the value of network security solutions and see what’s coming next Everything partners need to know about decreasing alert fatigue and growing opportunities with the 24x7 SOC protection of SonicWall MDR Interactive breakout sessions, complete with workshops and Q&A Opportunities for partners to offer feedback directly to SonicWall executive leadership SonicWall is experiencing consecutive quarters of partner growth, fueled by the explosive expansion in our Service Provider Program, recent program enhancements, and a dedicated focus on channel engagement. Over the last three quarters, SonicWall has seen an increase of transacting partners, including a 4% quarter-over-quarter growth. When and Where Americas June 12-14:Dallas, TX USA Europe, Middle East and Africa June 26-28: Lisbon, Portugal Asia, Pacific and Japan July 10-12: Bali, Indonesia For more information about Elevate 2024 and to register, please visit https://www.sonicwall.com/events/sonicwall-elevate-2024/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
May 2, 2024

SonicWall Data Reveals the Top Five Most Widespread Network Attacks Used Against Small Businesses

The last two years of firewall telemetry data, paints a clear picture of what attacks are most widespread amongst SMBs – demanding the need for prioritization MILPITAS, Calif. — May 2, 2024 — A review of SonicWall telemetry data suggests that the most widespread network attacks to small businesses (SMBs) are older vulnerabilities with a large amount of publicly available information and affecting major vendors. In light of this data, prioritization is a critically important factor for today’s CISOs who are asked to manage and prioritize risk. “In order to properly prioritize threats, we must first understand what attacks, vulnerabilities, and tactics are being used by our enemies,” said SonicWall Executive Director of Threat Research Doug McKee. “Relying too heavily on one factor (e.g., CVSS scores) can lead to an incomplete view of the risk associated with a vulnerability. Consider all factors together to develop a comprehensive understanding of the risk landscape and prioritize vulnerabilities accordingly.” From January 2022 to March 2024, using SonicWall IPS data, SonicWall determined the most widespread attacks against small businesses. Here are the top five ranked: Log4j (CVE-2021-44228) - 43% of organizations were under attack Fortinet SSL VPN Path Traversal (CVE-2018-13379) - 35% of organizations were under attack Heartbleed (CVE-2014-0160) - 35% of organizations were under attack Atlassian Pre-Auth Arbitrary File Read (CVE-2021-26085) - 32% of organizations were under attack VMware SSRF (CVE-2021-21975) - 28% of organizations were under attack The “newest” vulnerability on this list is almost three years old, and the oldest goes back almost a decade.  This suggests the biggest “win” for small businesses is to ensure they have a solid methodology in place for dealing with well-known vulnerabilities, regardless of the age of the threat. “It is still very relevant to spend time and resources tracking down items like heart bleed and log4j, which is arguably more valuable than worrying about the latest AI threat or zero days in Microsoft with no publicly available exploit,” said McKee. Prioritization is Key Prioritization is a critical factor for today’s CISOs who are asked to manage and prioritize risk.  The largest challenge with supply chain issues like Log4j, is understanding simply – is it used and where?  Product security testing or other forms of deep technical analysis of the product used on your network is vital to ensure a business is protected from threats being used by attackers and therefore should take priority in terms of funding. For more information visit www.sonicwall.com. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
Follow Us

© 2024 SonicWall. All Rights Reserved.

Company
Popular resources
Subscribe to newsletter

Stay In Touch

  • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.